Privacy Act of 1974

AGENCY:

Internal Revenue Service, Treasury.

ACTION:

Pursuant to section 552a(e)(12) of the Privacy Act of 1974, as amended, and Office of Management and Budget (OMB) Guidelines on the conduct of Matching Programs, notice is hereby given that the Internal Revenue Service (IRS) intends to continue matching computerized data within its systems of records for the purpose of detecting and deterring breaches of security policy by IRS personnel and/or contractors. This notice is intended to comply with the Privacy Act of 1974, 5 U.S.C. 552a, as amended by the Computer Matching and Privacy Protection Act of 1988, Public Law 100-503, and the Computer Matching and Privacy Protection Amendments of 1990, Public Law 101-508, as well as OMB guidelines.

SUMMARY:

The IRS is continuing its program of reviewing detections of potential violations of security policies to determine whether there has been an actual violation. This review includes matching data from existing IRS systems of records such as:

I. Treasury Payroll and Personnel System [Treasury/DO.001]

II. Subsidiary Accounting Files [Treasury/IRS 22.054]

III. Automated Non-Master File (ANMF) [Treasury/IRS 22.060]

IV. Information Return Master File (IRMF) [Treasury/IRS 22.061]

V. CADE Individual Master File (IMF) [Treasury/IRS 24.030]

VI. CADE Business Master File (BMF) [Treasury/IRS 24.046]

VII. Audit Trail and Security Records [Treasury/IRS 34.037]

VIII. General Personnel and Payroll Records [Treasury/IRS 36.003]

This review may include using data elements such as:

I. Employee name, Social Security number (SSN), standard employee identification number (SEID), address, email addresses

II. Employee spouse's name, SSN, address

III. Taxpayer entity information, including prior and current name, taxpayer identification number, address, tax return/account information

IV. Electronic transmission specifics, such as sender's email address, recipient's email address, recipient's internet service provider, transmission date and time, IP address, computer machine name, terminal identification

Reporting: A report describing this proposal has been provided to OMB and the Congressional committees responsible for oversight of the Privacy Act in accordance with the Privacy Act of 1974, OMB Guidelines on the Conduct of Matching Programs (54 FR 25818, June 19, 1989), OMB Bulletin 89-22, “Instructions on Reporting Computer Matching Programs to the Office of Management and Budget (OMB), Congress and the Public,” and OMB Circular No. A-130, (rev. Nov. 28, 2000), “Management of Federal Information Resources.”

Notice Procedures: IRS employees, contractors, and other individuals who have been granted access to IRS information, or to IRS equipment and resources, are notified regularly that their computer activity is monitored. This information is also publicized in the System of Records Notice “Audit Trail and Security Records—Treasury/IRS 34.037” (77 FR 155 (August 10, 2012)).

Security: All information obtained and/or generated as part of the IRS computer matching program will be safeguarded in accordance with the provisions of 5 U.S.C. 552a, 26 U.S.C. 6103, as well as IRS record safeguarding requirements, which conform to Treasury Directive (TD) 80-05, Records and Information Management, and TD P 71-10, Department of the Treasury Security Manual, and are no less restrictive than the standards prescribed in IRS Publication 1075, Tax Information Security Guidelines for Federal, State and Local Agencies. Matches under this program will comply with the standards of OMB policy M-06-16, Protection of Sensitive Agency Information, requiring that sensitive information, including all Personally Identifiable Information be protected at all times.

Records Usage, Duplication And Disclosure: The information generated and/or obtained during these computer matches will be used by IRS employees in the performance of their official responsibilities. Access to this information is limited to those individuals who have a need to know the information in the performance of their official duties. These individuals are subject to criminal and civil penalties for the unauthorized inspection and/or disclosure of this information. During the execution of this program of computer matches and resulting analyses or investigations, IRS employees may duplicate the records used only to perform their official duties. The information collected or generated as part of this program of computer matches may only be disclosed in accordance with the provisions of 5 U.S.C. 552a, 26 U.S.C. 6103, and any other applicable federal privacy provisions.

Legal And Regulatory Authority: The IRS must safeguard information to comply with the Internal Revenue Code, the Privacy Act of 1974, the Bank Secrecy Act, Title 18 of the United States Code, the Federal Information Security Management Act (FISMA), and other applicable laws. Sending confidential information without sufficient protection violates IRS security policy. This matching program will assist the IRS in protecting that sensitive information from unauthorized use or disclosure.

DATES:

Comments must be received no later than February 16, 2016. The matching program became effective May 22, 2015, and the renewal will become effective February 23, 2016 unless the IRS receives comments which cause reconsideration of this action.

ADDRESSES:

Comments should be sent to the Office of Privacy, Governmental Liaison and Disclosure, Internal Revenue Service, 1111 Constitution Avenue NW., Washington, DC 20224. Comments will be available for inspection and copying in the IRS Freedom of Information Reading Room (Room 1621) at the above address. The telephone number for the Reading Room is (202) 622-5164 (not a toll-free number).

FOR FURTHER INFORMATION CONTACT:

David Silverman, Management and Program Analyst, IRS Office of Privacy, Governmental Liaison and Disclosure, (202) 622-5625 (not a toll-free number).